Re: [PATCH v5] proc/sysctl: add shared variables for range check

From: Kees Cook
Date: Thu May 16 2019 - 14:35:26 EST


On Thu, May 16, 2019 at 06:09:53PM +0200, Matteo Croce wrote:
> On Tue, Apr 30, 2019 at 8:14 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> > On Tue, Apr 30, 2019 at 11:01 AM Matteo Croce <mcroce@xxxxxxxxxx> wrote:
> > >
> > > In the sysctl code the proc_dointvec_minmax() function is often used to
> > > validate the user supplied value between an allowed range. This function
> > > uses the extra1 and extra2 members from struct ctl_table as minimum and
> > > maximum allowed value.
> > >
> [...]
> > >
> > > Signed-off-by: Matteo Croce <mcroce@xxxxxxxxxx>
> >
> > Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
> >
> > --
> > Kees Cook
>
> Hi all,
>
> just a ping about this patch. Any tought, suggestion, concern or criticism?

Andrew, does this look okay to pick up after -rc2 for -next?

--
Kees Cook